Vulnerable Fortinet VPN's: Is your organization at risk?
How a 2018 Vulnerability is Still Impacting Fortinet Clients Today
Articles published January 13, 2021 by Scott Williams
Vulnerabilities originally discovered in 2018 that affect certain Fortinet Firewall services are still being used in cyberattacks that are impacting organizations over two years later. Two of the vulnerabilities directly affected Fortinet’s implementation of SSL VPN, and according to Fortinet’s website, these vulnerabilities could potentially allow an unauthenticated attacker to download files containing sensitive information and allow remote code execution. These vulnerabilities have been identified as CVE-2018-13379 and CVE-2018-13383.
So, why is a 2018 vulnerability still relevant today?
In late November 2020, threat actors began sharing more details of the Fortinet vulnerability on the dark web – publicly disclosing IP addresses of businesses that are at risk. In some cases, hackers were able to obtain VPN credentials from vulnerable devices and these were also published on the dark web. With this information available, an attacker can target a victim’s Fortinet Firewall, gain access to their network using the VPN and infect servers and workstations with Crypto-Ransomware. Organizations that have not applied the Fortinet-recommended product patch, or whose service provider has not applied the patch, could be at even greater risk than they were before. With increased accessibility to identified at-risk IP addresses and credentials, more and more hackers are able to attack through this vulnerability.
According to research regarding potentially impacted IP addresses, several belonged to reputable banking, finance, and governmental organizations – painting a vivid picture of the scope of this vulnerability.
How can you protect your business from this Fortinet vulnerability?
- Perform a firmware upgrade. According to Fortinet, a firmware upgrade is the primary recommended solution.
- If you are not able to perform a firmware upgrade, you or your service provider should apply the Fortinet-recommended patch to mitigate the risks from CVE-2018-13379, CVE-2018-13382, and CVE-2018-13383.
- Partner with a service provider you can trust to protect your business from cyber attacks and threat vectors. Aureon experts applied the recommended patches within days to protect our Clients from risk – keeping their operations smooth and protected from unanticipated downtime.
Benefits of Managed IT Solutions
When you partner with a trusted service provider like Aureon, you can count on responsive backup and data recovery, firewall and network security, and more. Skilled support teams monitor your systems to prevent issues and allowing you to focus on what you do best – running your business.
Is your business protected from cyberattacks and vulnerabilities?